IES16 Toll Fraud - 03/26/18 05:21 PM
Hello All,
Customer had their provider shut down LD services after a suspicious call and I am trying to figure out how they were able to transfer the call.
I'm not seeing any new or modified mailboxes with extensions dialing out. The only thing I noticed was a couple of mailboxes with @G(xxx) in the extension field.
I have put the VM ports in a COS with Tandem connections disabled but I still need to find out what they actually did.
Any other ideas would be appreciated.
Customer had their provider shut down LD services after a suspicious call and I am trying to figure out how they were able to transfer the call.
I'm not seeing any new or modified mailboxes with extensions dialing out. The only thing I noticed was a couple of mailboxes with @G(xxx) in the extension field.
I have put the VM ports in a COS with Tandem connections disabled but I still need to find out what they actually did.
Any other ideas would be appreciated.